There’s a lemmy.ml post on a Raleigh News Observer article about RedHat and how their new partner program stipulations ‘divide the open source community’. Inside that article are arguments favoring RedHat. These arguments always miss the point, which is that RedHat, and IBM by extension as the parent company, always maximize their copyrights with teams of lawyers, while in this case systematically violating the copyrights of every contributor to the Linux kernel and much of the other software released and redistributed by RedHat.
I’ll explain. But first, let’s begin with the Raleigh News and Observer article at the Lemmy.ml submission, which has a link to the canonical article. In that Lemmy comment forum, you’ll find commenters comparing the legal behavior of CentOS, Scientific Linux, and Rocky distributions - all based on RedHat Enterprise Linux - with so-called ‘software piracy’. Which turns on its face the license this software was distributed under, namely the GPL V2 for the Linux kernel, and some combination of open sources source licenses (including the GPL V3) for the rest.
Let us understand what RedHat is actually doing. Much of RedHat Linux is written by people other than software developers at RedHat. Those people released their software under the GPL, which allows for derivative modification as long as the GPL license is followed. This is the so-called ‘viral nature’ of the GPL. RedHat restricts distribution of source for binaries of software they wrote as derivatives of GPL software to only those who pay a support subscription fee. That’s software other people wrote and published under the GPL which they modified. And that is perfectly OK. As RMS said, paraphrasing, ‘free speech, not free beer’. But then they take it further, by restricting subscription paying recipients from redistributing to third parties all GPL source code RedHat MUST make available to them per the terms of the license by threatening to revoke a subscription. Thereby revoking access to the source. This violates the GPL by creating a coercive stipulation to the support license which restricts the rights of recipients to redistribute under the GPL.
See Section 6 from the GPL V2, which the entire Linux kernel is distributed under (note that the GPL V3 contains a similar provision):
- Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients’ exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.
This means RedHat cannot coerce its partners by threatening to revoke subscription access in order to violate Section 6 of the GPL. That’s a copyright violation of the terms of the license by every contributor who released their work under the GPL, which RedHat has either modified or redistributes in whole. Therefore, this represents a massive structural copyright violation by RedHat against thousands of contributors who published software under the GPL that they either redistribute or modify and redistribute. Which is, like most of RedHat Linux. If RedHat wants to go closed source like this, then they should toss all GPL’d software in their RedHat distribution, and rewrite it themselves or use replacements under the BSD or MIT license. Which would make their play legal. A RedHat BSD distribution, for example.
Now, I have had experience with corporate license audits by major companies. IBM has a large team of lawyers who specialize in copyright infringement cases, and if you infringe their copyrights, and they find out, you should expect serious legal repercussions. The same is true for Microsoft, Adobe, Autodesk, etc. RedHat, as a subsidiary of IBM, is here violating the same laws IBM hires lawyers to get courts to enforce.
The difference here is that these big companies are singular entities with teams of lawyers, versus thousands of individual contributors who collectively created and published something this big company is now stealing. And let’s be clear, when you copy the Adobe Suite without paying a license fee, they call that shit “stealing”. But when RedHat does it, by violating license terms that thousands of creators have released their work under, RedHat’s PR flacks call legitimate redistribution under those license terms “piracy”. In order to muddy the waters and confuse people. No, it’s RedHat who is engaged in the piracy here. Just read the license.
I’m not a lawyer. I don’t know how to properly structure a response to this. Maybe the FSF or EFF organizes a few hundred major contributors, like Linus Torvolds, and files a class action lawsuit. Or maybe, for reasons, license rights of those organized contributors are ceded to an organization like the FSF en masse, and that organization files a copyright violation lawsuit. But those are tactical questions. At the core, those contributors MUST DEFEND THEIR COPYRIGHTS or we will all lose the right by fiat to create and redistribute software in the manner with these legal protections.
This is no joke. The entire Free Software movement is under threat by this, because if RedHat succeeds here, it will set a precedent. And every other company will run roughshod over the copyrights of individual creators in the same way.
Additional information on this issue can be found here:
https://sfconservancy.org/blog/2023/jun/23/rhel-gpl-analysis/
And here:
https://hackaday.com/2023/06/23/et-tu-red-hat/
EDIT I contacted Richard Stalman at the Free Software Foundation and he replied. He stated he thinks what RedHat is doing is “very wrong” but does not believe there is a legal remedy to the problem.
It’s funny, because there was a post about some company calling themselves Open Source but putting a restriction on downstream monetization of their code, and commenters here were adamant that this was unacceptable, and that, contrary to what I said, big companies would TOTALLY NEVER just decide that they owned an open source project by slapping their own license on top, and declare that others couldn’t use it as they like… OH LOOK.
Whether you like it or not, the only real means that exists in the US to legally prevent a company like RedHat or any other big companies from saying, “your code is mine now, fight me in court if you don’t like it”, is to have registered copyright ownership over it. With that, it’s open-shut. Without that, you’re looking at years-long court battles over how much legal weight your OSS license holds.
FOSS as people like to imagine it is very much based on people acting in good faith, and the bad-faith actors not having the resources to torpedo the system. We’re seeing here what happens when they do.
I agree with most of this. I installed RedHat 2.0.2 back in 1994. I supported thousands of installs of Scientific Linux. Back in the Donnie Barnes days, when RedHat was privately owned, they were real community contributors. But this is direct attack. And the FSF and EFF are going to have to respond, with lawyers. Because the consequence of this is to diminish the rights of individual creators and their copyrights. Giving large companies rights in copyright by fiat that individuals won’t posses. And that’s not just an attack on copyright, it’s an attack on rule of law. Copyright law MUST be enforced equally, or it becomes a form of government patronage.
Are you referring to hashicorp with recently changing license terms? IIRC the change in license was to prevent competitors (i.e. AWS) from releasing a service using the open source software from directly competing with their cloud offerings. It’s sad it had to come to it, but I think the reality of the situation is that AWS could come up with a competing cloud offering, has the built in user base, and can run the service at a loss, because they make money elsewhere.
A company like Amazon totally could afford to pay, but won’t if they don’t have to. Ultimately, I think part of the license change was in response to Amazon and AWS being a monopoly. Without the license change, their company was at risk.
I was referring to the post about Grayjay. But yes, terraform is just more proof that this is a very real threat to the OSS ecosystem, and that OSS providers need to start thinking about protecting their software from being seized and monetized by large companies whose preexisting install base can muscle the actual developers out.